By default, backups of SDDC Manager and NSX Manager are stored in the SDDC Manager appliance. Change the destination of the backups to an external SFTP server.


  • The external SFTP server must support a 256-bit length ECDSA SSH public key.
  • Only a user with the ADMIN role can perform this task. See User and Group Management.
  • You will need the SHA256 fingerprint of RSA key of the SFTP server.


  1. In the navigation pane, click Administration > Backup.
  2. On the Backup page, click the Site Settings tab and then click Register External.
  3. On the Backup page, enter the settings and click Save.

    To obtain the SSH Fingerprint of the target system to verify, connect to the SDDC Manager Appliance over ssh and run the following command:

    ssh-keygen -lf <(ssh-keyscan -p 22 -t rsa sftp_server_fqdn 2> /dev/null) | cut -d' ' -f2



    Host FQDN or IP

    The FQDN or IP Address of the SFTP server.



    Transfer Protocol



    A service account with privileges to the SFTP server.

    For example: svc-vcf-bck.


    The password for the username provided.

    Backup Directory

    The directory on the SFTP server where backups are saved.

    For example: /backups/.

    SSH Fingerprint

    The SSH Fingerprint is automatically retreived from the SFTP server, verify the SSH Fingerprint.

    Confirm Fingerprint


    Encryption Passphrase

    The encryption passphrase used to encrypt the backup data.


    The encryption passphrase should be stored safely as it is required during the restore process.

  4. In the Confirm your changes to backup settings dialog box, click Confirm.